Known Vulnerabilities

Liferay Portal 7.4.3.112 Liferay Portal 7.4.3.112 Liferay DXP 2024.Q1.1 Liferay DXP 2024.Q1.1 Blogs in Liferay Portal and Liferay DXP does not check permission of images in a blog entry, which...

The Document Library and the Adaptive Media modules in Liferay Portal and Liferay DXP uses an incorrect cache-control header, which allows local users to obtain access to downloaded files via the...

By default, Liferay Portal and Liferay DXP is vulnerable to DNS rebinding attacks, which allows remote attackers to redirect users to arbitrary external URLs. This vulnerability can be mitigated by...

Password enumeration vulnerability in Liferay Portal and Liferay DXP allows remote attackers to determine a user’s password even if account lockout is enabled via brute force attack. Liferay...

Liferay Portal and Liferay DXP stores password reset tokens in plain text, which allows attackers with access to the database to obtain the token, reset a user’s password and take over the user’s...

Liferay Portal 7.0.0 through 7.4.3.97 Liferay DXP 2023.Q3.1 through 2023.Q3.4 Liferay DXP 7.4 Liferay DXP 7.3 GA through U35 And older unsupported versions Liferay Portal 7.4.3.98 Liferay Portal...

Liferay DXP 2024.Q1.1 Liferay Portal 7.4.3.112 Liferay DXP 2023.Q3.6 Liferay DXP 2023.Q4.3 Liferay DXP 7.3 U36 The ComboServlet in Liferay Portal and Liferay DXP does not limit the number or size...

Liferay DXP 7.3 U35 Liferay DXP 2023.Q3.6 Self Cross-site scripting (XSS) vulnerability on the edit Knowledge Base article page in Liferay Portal and Liferay DXP allows remote attackers to inject...

Liferay Portal 7.0.0 through 7.4.3.132 Liferay DXP 2023.Q4.0 through 2023.Q4.1 Liferay DXP 2023.Q3.1 through 2023.Q3.4 Liferay DXP 7.4 GA through update 92 Liferay DXP 7.3 GA through update 35, and...

A memory leak in the headless API for StructuredContents in Liferay Portal and Liferay DXP allows an attacker to cause server unavailability (denial of service) via repeatedly calling the API...

Liferay Portal 7.4.3.113 Liferay DXP 2024.Q2.0 Liferay DXP 2024.Q1.1 Liferay DXP 2023.Q4.9 Liferay Portal 7.2.0 through 7.4.3.112 Liferay DXP 2023.Q4.0 through 2023.Q4.8 Liferay DXP 2023.Q3.1...

Liferay DXP 2023.Q3.9 Liferay DXP 2023.Q4.8 Cross-Site Request Forgery (CSRF) vulnerability in the server (license) registration page in Liferay Portal and Liferay DXP allows remote attackers to...

Path traversal vulnerability with the downloading and installation of Xuggler in Liferay Portal and Liferay DXP allows remote attackers to (1) add files to arbitrary locations on the server and (2)...

This issue was reported by milCERT AT and Lucas Machado from Devoteam Cyber Trust A stored cross-site scripting (XSS) vulnerability exists with radio button type custom fields in Liferay Portal...

Liferay Portal 7.4.0 through 7.4.3.38 Liferay DXP 7.4 GA through Update 38 Liferay Portal 7.4.3.39 Liferay Portal 7.4.3.39 Liferay DXP 7.4 Update 39 Liferay DXP 7.4 Update 39 This issue was...

Liferay DXP 2024.Q1.1 Liferay Portal 7.4.3.112 Liferay DXP 2023.Q3.5 Liferay DXP 2023.Q4.1 Liferay DXP 7.3 U36 This issue was reported by 4rth4s Liferay Portal and Liferay DXP does not limit access...

The Profile widget in Liferay Portal and Liferay DXP uses a user’s name in the “Content-Disposition” header, which allows remote authenticated users to change the file extension when a vCard file...

Insecure Direct Object Reference (IDOR) vulnerability with audit events in Liferay Portal and Liferay DXP allows remote authenticated users to from one virtual instance to view the audit events...

Liferay DXP 2024.Q1.3 Liferay DXP 2024.Q2.0 Liferay DXP 2023.Q4.9 This issue was reported by argon21 Stored cross-site scripting (XSS) vulnerabilities in Web Content translation in Liferay Portal...

Liferay DXP 2023.Q3.9 This issue was reported by foobar7 Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal and Liferay DXP allow remote authenticated users to inject...

Insecure Direct Object Reference (IDOR) vulnerability in Liferay Portal and Liferay DXP allows remote authenticated users in one virtual instance to assign an organization to a user in a different...

Cross-site scripting (XSS) vulnerability in the Blogs widget in Liferay Portal and Liferay DXP allows remote attackers to inject arbitrary web script or HTML via a crafted <iframe> injected into a...

Open redirect vulnerability in the System Settings in Liferay Portal and Liferay DXP allows remote attackers to redirect users to arbitrary external URLs via the...

This issue was reported by milCERT AT and Abderrahmane BOUNHIDJA Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal and Liferay DXP allows remote...

Open redirect vulnerability in page administration in Liferay Portal and Liferay DXP allows remote attackers to redirect users to arbitrary external URLs via the...

Liferay Portal and Liferay DXP does not limit the depth of a GraphQL queries, which allows remote attackers to perform denial-of-service (DoS) attacks on the application by executing complex...

Liferay Portal 7.4.3.22 Liferay DXP 7.4 Update 10 Liferay DXP 7.3 Update 26 Liferay Portal 7.0.0 through 7.4.3.21 Liferay DXP 7.4 GA through Update 9 Liferay DXP 7.3 GA through Update 25 Liferay...

Insufficient CSRF protection for omni-administrator users in Liferay Portal and Liferay DXP allows attackers to execute Cross-Site Request Forgery Liferay Portal 7.0.0 through 7.4.3.119 Liferay DXP...

Liferay Portal and Liferay DXP does not limit access to APIs before a user has verified their email address, which allows remote users to access and edit content via the API. Liferay DXP 2023.Q3.1...

Liferay Portal 7.4.3.38 Liferay Portal 7.4.3.38 Liferay DXP 7.4 update 38 Liferay DXP 7.3 update 11 Liferay DXP 7.2 fix pack 20 Liferay DXP 7.3 update 11 Liferay DXP 7.4 update 38 Liferay DXP 7.2...

Liferay DXP 7.3 update 8 Liferay DXP 7.4 update 27 Liferay DXP 7.2 fix pack 20 This issue was reported by Barnabás Horváth (T4r0) Severity 2 User enumeration vulnerability in Liferay Portal and...

Workaround: Set the following in portal(-ext).properties: http.header.version.verbosity=partial Liferay DXP 7.2 fix pack 19 Severity 2 In Liferay Portal and Liferay DXP the default value of the...

This issue was reported by: Sompo Digital Lab Tel Aviv, Asaf Guterman Severity 2 Privilege escalation vulnerability in Wiki in Liferay Portal and Liferay DXP allows remote authenticated users to...

Severity 1 Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay Portal and Liferay DXP allow remote authenticated users to inject arbitrary web script or HTML via a crafted payload...

Severity 2 The Image Uploader module in Liferay Portal and Liferay DXP relies on a request parameter to limit the size of files that can be uploaded, which allows remote authenticated users to...

Severity 2 In Liferay Portal and Liferay DXP, the default configuration does not sanitize blog entries of JavaScript, which allows remote authenticated users to inject arbitrary web script or HTML...

Severity 2 HtmlUtil.escapeRedirect in Liferay Portal and Liferay DXP can be circumvented by using two forward slashes, which allows remote attackers to redirect users to arbitrary external URLs via...

Liferay Portal 7.4.0 through 7.4.3.18 Liferay Portal 7.3.0 through 7.3.7 Liferay Portal 7.2.0 and 7.2.1 Liferay Portal, older unsupported versions Liferay DXP 7.4 before update 19 Liferay DXP 7.3...

Liferay Portal 7.4.3.14 Liferay Portal 7.4.3.14 Liferay DXP 7.4 update 16 Liferay DXP 7.3 update 4 Liferay DXP 7.2 fix pack 17 Liferay DXP 7.3 update 4 Liferay DXP 7.4 update 16 Workaround: Set the...

Liferay DXP 7.3 update 12 Liferay DXP 7.4 update 4 Liferay DXP 7.2 fix pack 20 Severity 2 XXE vulnerability in Liferay Portal and Liferay DXP allows attackers with permission to deploy...